Due to the increase in phishing attempts and continued threat of ransomware we are implementing new security settings in the email system this week and next. Ideally you should not notice the changes other than perhaps a few less emails in your junk folder. We are implementing some standard settings but individuals may need some tweaks to fit their business needs. If you do please let us know.
Here’s what we are doing. It will take us a couple of weeks to fully implement all of these new settings. We are considering this to be our basic standard for configuring Office 365 now.
Part 1:
Blocking international spam. All Countries will be blocked by default with the exception of China, Mexico, Korea and Canada. If you do business with other Countries we can add those Countries to the exception list too. If you need a custom list please send it to us.
Alerting unusual activity. Two new alerts will be setup. One will alert you to file deletions. The other will alert you to file downloads. We will be contacting you to determine who the alerts will go to. The purpose of these alerts is to be notified should an employee, bad actor, or application begin to behave in an out of the ordinary way. Strange file deletions and unusual downloading are hallmarks of infection or sabotage.
Part 2:
Active blocking of file extensions known to be associated with ransomware. This will prevent a ransomware infection from being able to save the encrypted file. If it can’t save it, your original file is protected. We have had this setting in place for some time but in passive mode, meaning that it has been alerting us but not blocking the files. We did this to determine the extent of false positives. There have been some but not a significant number. If someone is blocked from saving the file as the name they chose a message will let them know it can’t save with that name. This is an addition to the extensive ransomware protections that are already in place.
Part 3:
Requiring two-factor authentication for admin login. The administrator will now be required to use 2-factor authentication.
Allowing everyone to change their own passwords. The portal now supports self-password reset. So if you forget your password you can reset it by going to http://portal.office365.com and clicking on the forgot password link.
Setting Password Change Alerts. When a persons password is changed their will receive a notification that their password has been changed. This is a hacking alert. If a person has not changed their password and gets this notice then they should notify us immediately. In the case of the administrator password, all admins will be notified.
Part 4:
Configuring email encryption. A rule will be created to enable you to send encrypted email to anyone. To send an encrypted email just put the word SecureMail (all one word, not case sensitive) into the subject or body of the email. The recipient will receive instructions for accessing the email via one time code. No login or special account is required. You can decide how to use this feature but we suggest any personally identifiable information, credit cards, banking, proprietary files or data be sent with encryption.
Customizing your login portal. Many phishing attempts are asking you to verify your account or otherwise log into the portal. But the portal is fake, not your actual portal. A photo that represents your business and your business name will be your indicators that you are in the real place.
We’re working hard to keep up with the changing threat landscape and implementing new sets of tools and configurations to prevent them. We care about your business and these proactive measures will help to protect you from todays threats.
– Amy, president
About Harbor Computer Services
Harbor Computer Services is an IT firm servicing Southeastern Michigan. We work exclusively under contract with our clients to provide technology direction and either become the IT department or provide assistance to the internal IT they already have. We have won many awards for our work over the years, including the worldwide Microsoft Partner of the Year in 2010. We’re the smallest firm to have ever won this most prestigious award. Most recently we were recognized as one of the top 20 visionaries in small business IT by ChannelPro Magazine (2015). And in 2016 as the top Michigan IT firm for Manufacturing. There are a few simple things that make Harbor Computer Services the best choice for your business. •We are Professionals •We are Responsible •We are Concerned About The Success of Your Business
